Project Date: August 2024 – Present
Overview
I built and operate a TrueNAS-backed homelab to host personal and research tooling with production-style reliability: ZFS RAIDZ1 array for bulk media, a mirrored SSD vdev for low-latency apps, Traefik for HTTPS and routing, Tailscale for private mesh access, and UniFi for VLAN-segmented networking. The stack runs Immich, OpenProject, Jellyfin, a Pi-hole VM, and multiple MySQL databases, with email alerts, scheduled SMART tests, ZFS scrubs, and automated backups.
Architecture at a Glance
- Storage:
- Array: 4× 18 TB Seagate IronWolf Pro (RAIDZ1) ≈ 54 TB usable (pre-overhead)
- Apps/fast storage: SSD mirror vdev (metadata-heavy apps, DBs, logs)
- Compute & Orchestration: Containers + one Pi-hole VM
- Ingress & Certificates: Traefik with Let’s Encrypt (DNS/HTTP challenges), HSTS, and TLS 1.2/1.3
- Private Mesh: Tailscale for internal access; VPS joined to Tailscale for selective external exposure/reverse-proxy
- Network: UniFi backbone with VLANs (Default/Servers/IoT/Guests/Media), inter-VLAN rules (least-privilege)
- Monitoring & Alerts: System email, SMART, ZFS events; (optional) Grafana/Loki/Prometheus
- Data Protection: SMART short/long tests, monthly ZFS scrubs, snapshots + off-box backups
```mermaid flowchart LR Internet–>Traefik[Traefik Reverse Proxy] Traefik–TLS–>Apps[Containers on TrueNAS] VPS[VPS (Tailscale Node)]<–>Tailscale[Tailscale Mesh]<–>TrueNAS UniFi[UniFi Gateway + Switches]—|VLANs| TrueNAS subgraph ZFS A[RAIDZ1: 4×18TB]:::disk B[SSD Mirror vdev]:::disk end TrueNAS—A TrueNAS—B classDef disk fill:#f0f0f0,stroke:#aaa